The scope of responsibility for this position covers the entire Johns Hopkins Institutions including the Johns Hopkins University (JHU), The Johns Hopkins Health System (JHHS) and Information Technology (IT) areas of the Applied Physics Laboratory (APL) as assigned. This role is responsible for defining and executing the annual internal audit plan for the Johns Hopkins Institution related to information technology areas.
Manage a Team of Professionals, with a Strong Focus on OHIA’s Values of
Integrity – building ethical standards as a foundation.
Excellence – the foundation of achieving excellence is maintaining objectivity.
Respect – the foundation of building and maintaining relationships lies in the respect one shows each other.
Collaboration – is evidenced by communication, problem solving, and conflict resolution through bringing together knowledge, experience, ideas and skills to achieve a common goal.
Essential Job Functions
In collaboration with Departmental Leadership team, including Chief Audit Officer, Executive Director Operational Audits, and Sr. Director of IT Audits, establish strategic plan for Office of Hopkins Internal Audit and ensure strategic initiatives are effectively carried out
Oversee a team of IT audit staff and one Data Analytics Manager in the development of an annual internal audit plan utilizing an advanced risk assessment model to identify the internal audit universe, including OHIA’s involvement in internal control assessments for new systems and IT security activities; and obtain management input and buy-in
Oversee a team of IT auditors and one Data Analytics Manager in the execution of the annual audit plan by measuring and communicating progress, proposing revisions to the plan to reflect new priorities, and ensuring the annual plan is completed taking into consideration unforeseen occurrences (e.g., employee turnover).
In collaboration with IT audit staff and Data Analytics Manager, assure internal audit projects are performed according to department policies, procedures and standards (e.g., audit methodology, project management tools), staying within the scope and resource allocation limits (hours and timelines), and holding staff accountable for meeting stated assigned objectives.
In collaboration with IT audit staff and the Data Analytics Manager, scope projects and assign auditors to ensure timely and adequate execution of individual audit projects; provide clearly defined objectives based on key internal control objectives and associated risks.
Provide advanced direction to assigned team members on the performance of audits of key control processes and IT areas of the institutions.
Keep customers of OHIA (e.g., process owners, PBO’s, senior leadership) informed on developing issues on internal audit projects.
Assist in the negotiation of recommended changes in internal control practices and build consensus with upper-level management.
Review, edit and approve internal audit reports.
Oversee follow-up procedures to ensure management’s agreed upon corrective actions are effectively implemented and consistently carried out.
Summarize internal audit results and communicate with internal leadership and the Board of Trustees Audit Committees of JHU and JHHS.
Recruit professional internal audit staff to support the mission of the organization.
Provide timely feedback to professional staff on performance on internal audit projects and for annual performance evaluation.
Work with IT audit staff and Data Analytics Manager to define annual professional development plans and monitor progress throughout the year.
Develop effective working relationships with IT leaders and other leaders of JHU and JHHS.
Develop internal networks to raise awareness of audit issues.
Develop external professional networks with the Association of Health Care Internal Auditors, the Association of College and University Auditors, peer internal audit departments and other relevant professional organizations.
Provide input to committees that impact the processes/operation of the JH Institution
Keep abreast of developments in organization IT/business areas and industry business practices.
Collaborate with operational audit leaders on teaming audits.
Partner effectively with external audit and institutional risk functions, including corporate compliance, privacy, risk management and others to enhance institutional risk management around IT.
When required, interact with outsourced professional service firms to scope projects, negotiate fees and hold third-party firms accountable for high levels of quality in the execution of audit projects.
Champion internal control best practices, challenge cultural norms and work strategically to build consensus around practices to enhance the control environment or drive efficiencies in clinically oriented areas.
Establish a culture that supports employee engagement and diversity, equity and inclusion.
Reports To: Senior Director of IT Audits, Office of Hopkins Internal Audits
Qualifications:
Required
Bachelor’s Degree in Accounting, IT or Business, or related field.
Certified Information Systems Auditor (CISA). At least 10 years of IT audit experience with at least 5 years of increasing responsible leadership experience.
This position does not allow for education or experience substitutions.
Preferred Qualifications
Master’s in Business Administration or other related IT field
Knowledge of internal controls related to physical security, logical security (application, database, operating system, network), program change control/change management, system/data backup, disaster recovery, business continuity, systems development life cycle, project management, system administration, system interfacing, data migration, configuration management, programming, systems analysis, telecommunications, enterprise resource planning, and compliance (Health Insurance Portability and Accountability Act).
Familiarity with networking (firewalls, routers, remote access, intrusion detection systems, active directory), database (SQL, Oracle, DB2), and operating system (Windows, UNIX) technologies.
Other Responsibilities
Supervises a staff of professional IT Internal Auditors and a Data Analytics manager.
Provides departmental leadership along with Sr. Director of Information Technology Audits, Executive Director, and Chief Audit Officer, promoting a positive work environment and participating in the continuous improvement initiatives related to departmental environment and process.
MissionTo protect Johns Hopkins institutional resources by:Identifying and evaluating risks within business processesAssessing and testing internal controls for effectivenessInvestigating suspected misuse of resourcesValidating management corrective actionsCommunicating results to trustees, senior leaders, and other impacted stakeholders, andDeveloping an engaged and talented staff through the use of a systematic approach, innovative techniques and comprehensive tools. VisionFor the benefit of Johns Hopkins Institutions, OHIA will:Be a catalyst in improving the internal control environment through raising awareness and providing assuranceDevelop creative audit approaches in response to changeBe viewed as a leader in Higher Education and Healthcare internal auditing ValuesIntegrity – Ethical standards are the foundation of integrityWe are truthful, trustworthy and fair in all of our efforts.We hold ourselves and each other to the highest standards of professionalism, confidentially, and ethical conduct. Excellence – The foundation to achieving excellence is maintaining our objectivityCompetence – We utilize our collective experience and talents to provide high quality internal audit... services, aimed at increasing accountability across the organization. We seek to use best practices found within and outside of the organization in performing audits and investigations.Continuous Improvement – We continually seek out better and more effective ways to do our work.Personal Development – We emphasize personal development to help us achieve excellence. Respect – The foundation of building and maintaining relationships lies in the respect we show to one anotherWork/Life Balance – We respect balance in each other’s lives.Recognition – We honor and acknowledge each individual’s contribution to our efforts.Diversity and Inclusion – We appreciate each other’s differences and value the unique strengths that each person contributes. Collaboration – Collaboration is evidenced by communication, problem solving, and conflict resolution through bringing together knowledge, experience, ideas and skills to achieve a common goalWe foster teamwork while maintaining individual accountability.We value client input in scope of audit projects as well as in written reports.We value sustainable relationships with our clients.